PentestAgent is another new open source project developed by the GH05TCREW group that aims to support penetration testing activities through the use of agents based on language models.
The tool is designed to work with Python 3.10 and later and requires an API key compatible with OpenAI, Anthropic , or other providers supported by LiteLLM .
Installation can be done by cloning the official GitHub repository and using dedicated scripts for Windows, Linux, and macOS, which automate the creation of the virtual environment and installation of dependencies. Alternatively, you can proceed manually by setting up a Python virtual environment, installing the necessary packages, and completing the Playwright installation with Chromium, which is essential for using the integrated web browsing tools.
For the software to function correctly, you must create a .env configuration file in the project’s root directory. This file must contain environment variables related to the API key of the chosen provider and the model to use, such as Claude Sonnet or GPT-5. PentestAgent is compatible with any model supported by the LiteLLM ecosystem.
Once configured, the tool can be launched via the command line, opening an interactive text interface. You can launch PentestAgent without parameters, directly specifying a target IP, or enabling the tools to run within a Docker container for greater security and isolation of the testing environment.
Docker support is one of the project’s key features. Users can choose between lightweight precompiled images, which include basic tools like nmap and netcat, or Kali Linux-based images, which already include advanced frameworks like Metasploit, sqlmap, and Hydra. Alternatively, images can be built locally using Docker Compose, with different profiles depending on operational needs.
PentestAgent offers three distinct operating modes. Assist mode allows for guided interaction with the agent, leaving control up to the user. Agent mode allows for the autonomous execution of a single task, while Crew mode enables a multi-agent system in which an orchestrator coordinates multiple specialized entities to tackle complex tasks.
The TUI provides a series of commands for managing operations, including setting targets, viewing available tools, generating reports, and reviewing notes collected during sessions. You can also stop agent execution or quickly exit the application using keyboard shortcuts.
The project includes predefined playbooks for black-box security testing, as well as a RAG- based knowledge management system. Methodologies, vulnerabilities, and wordlists can be uploaded to enrich the agents’ operational context. The collected information is saved persistently and, in Crew mode, used to build a knowledge graph that supports advanced strategic analysis. Use of the software is permitted only on systems for which explicit authorization is granted, as indicated in the project’s legal notices.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
